AppArmor permissions layout rework
The file permissions layout table[1] is running out of space and cannot properly support things such as mount rules. While we could hack around this and do remappings, this will require more work to untangle down the road than completing the permissions rework.
http://
Blueprint information
- Status:
- Complete
- Approver:
- Jamie Strandboge
- Priority:
- Essential
- Drafter:
- John Johansen
- Direction:
- Approved
- Assignee:
- John Johansen
- Definition:
- Approved
- Series goal:
- Accepted for precise
- Implementation:
-
Implemented
- Milestone target:
- None
- Started by
- Jamie Strandboge
- Completed by
- Jamie Strandboge
Related branches
Related bugs
Sprints
Whiteboard
Work items:
[jjohansen] extend kernel to use extended permission format (high) (1): DONE
[jjohansen] extend kernel to remap old perms at load to new permission format + regression test it (high) (1): DONE
[jjohansen] extend kernel to load policydb - new permission layout (high) (1): DONE
[jjohansen] fix parse dfa backend to propogate permissions through to compressed DFA generation (high) (4): DONE
[jjohansen] extend parser to generate policydb - new permission layout (high) (2): DONE
Work Items
Dependency tree
* Blueprints in grey have been implemented.
